Update all dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
actions/checkout	action	patch	v4.2.0 -> v4.2.2
actions/checkout	action	digest	692973e -> 11bd719
actions/upload-artifact	action	digest	5076954 -> b4b15b8
cgr.dev/chainguard/glibc-dynamic	final	digest	cabf47e -> e4df2ee
cgr.dev/chainguard/go	stage	digest	2dbbaf1 -> 2e4c0d2
github.com/arangodb/go-driver/v2	require	patch	v2.1.1 -> v2.1.2
github.com/swaggo/swag	require	patch	v1.16.3 -> v1.16.4
github/codeql-action	action	minor	v3.26.10 -> v3.27.5
ortelius/workflow-toolkit	action	digest	b874237 -> f483857
oxsecurity/megalinter	action	digest	c217fe8 -> 1fc052d
step-security/harden-runner	action	patch	v2.10.1 -> v2.10.2

---

Release Notes

actions/checkout (actions/checkout)

v4.2.2

Compare Source

• url-helper.ts now leverages well-known environment variables by @​jww3 in https://github.com/actions/checkout/pull/1941
• Expand unit test coverage for isGhes by @​jww3 in https://github.com/actions/checkout/pull/1946

v4.2.1

Compare Source

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in https://github.com/actions/checkout/pull/1924

arangodb/go-driver (github.com/arangodb/go-driver/v2)

v2.1.2

Compare Source

• Expose NewType method
• Connection configuration helper
• Adjust Cursor options
• Switch to Go 1.22.8
• Remove deprecated context functions
• Fix Error Handler in CreateCollectionWithOptions

swaggo/swag (github.com/swaggo/swag)

v1.16.4

Compare Source

Changelog

• 85254b4 Added multiline support for @​description attribute for securityDefinitions (#​1786)
• 7204462 Added suport for parsing comments inside of function bodies (#​1824)
• d323b48 Feat: Add support for parenthesis in router patterns (#​1859)
• 15dae35 Feat: multi-arch docker image (#​1756)
• 83fe3ca Fix generics used with function scoped types (#​1883)
• ff50cd6 Fix global overrides for any/interface ref types (#​1835)
• 1d730c5 Fix param comment escaping issue (#​1890)
• 697572a Fixes Issue 1829 (#​1830)
• 28de14c Flags to parse internal and dependency package (#​1894)
• 4c2f8dd Handle case of empty GOROOT (#​1798)
• 87e7d9c Update docker go build version to 1.21 (#​1758)
• 4fd8a36 Update docs for request and response headers (#​1825)
• 56fde5c Update operation.go (#​1753)
• 807dd1f [Issue 1812] fix misalignment in expected.json and api.go messing with parser_test (#​1836)
• 91624ad add support for "title" tag (#​1762)
• f32d4d3 adds support for complex types with function scope (#​1813)
• c7f1cd8 adds support for pointer function scoped fields (#​1841)
• 8a47dcb bump go version (#​1797)
• 0834357 chore(deps): bump golang.org/x/net from 0.17.0 to 0.23.0 (#​1793)
• 1bb1445 chore(deps): bump golang.org/x/net in /example/celler (#​1794)
• 6aa6613 chore(deps): bump golang.org/x/net in /example/go-module-support (#​1795)
• d5af957 chore(deps): bump golang.org/x/net in /example/markdown (#​1792)
• 0368d7d chore(deps): bump golang.org/x/net in /example/object-map-example (#​1796)
• b8662de chore(deps): bump google.golang.org/protobuf (#​1773)
• 4a11e23 chore(deps): bump google.golang.org/protobuf (#​1774)
• 937c239 chore(deps): bump google.golang.org/protobuf in /example/celler (#​1775)
• 103ac42 chore: Update ci.yml (#​1902)
• 90aa46f chore: fix some typos in comments (#​1788)
• e55c557 feat: read from stdin, write to stdout (#​1831) (#​1832)
• fd2fa83 fix issue: #​1780: filter $GOROOT path (#​1827)
• 10030b0 fix parse nested structs and aliases (#​1866)
• 7159b0f fix: failing assert in enums test on 32bit (#​1634)
• 928264c fix: remove dropped tags from general infos (#​1764)
• a74d34c fix：parse all field names declared in a row (#​1872)
• 0b9e347 new release (#​1901)
• a3c6d12 support markdown description for declaration (#​1893)
• 9069105 update README (#​1856)

github/codeql-action (github/codeql-action)

v3.27.5

Compare Source

v3.27.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.4 - 14 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.3 - 12 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.2 - 12 Nov 2024

• Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". #​2590

See the full CHANGELOG.md for more information.

v3.27.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.1 - 08 Nov 2024

• The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. #​2573
• Update default CodeQL bundle version to 2.19.3. #​2576

See the full CHANGELOG.md for more information.

v3.27.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.0 - 22 Oct 2024

• Bump the minimum CodeQL bundle version to 2.14.6. #​2549
• Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #​2557
• Update default CodeQL bundle version to 2.19.2. #​2552

See the full CHANGELOG.md for more information.

v3.26.13

Compare Source

v3.26.12

Compare Source

v3.26.11

Compare Source

step-security/harden-runner (step-security/harden-runner)

v2.10.2

Compare Source

What's Changed

1. Fixes low-severity command injection weaknesses
   The advisory is here: GHSA-g85v-wf27-67xc

2. Bug fix to improve detection of whether Harden-Runner is running in a container

Full Changelog: step-security/harden-runner@v2...v2.10.2

---

Configuration

📅 Schedule: Branch creation - "every 1 hours every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 6 additional dependencies were updated

Details:

Package	Change
golang.org/x/exp	v0.0.0-20240909161429-701f63a606c0 -> v0.0.0-20241108190413-2d47ceb2692f
golang.org/x/net	v0.29.0 -> v0.31.0
golang.org/x/text	v0.18.0 -> v0.20.0
golang.org/x/crypto	v0.27.0 -> v0.29.0
golang.org/x/sys	v0.25.0 -> v0.27.0
golang.org/x/tools	v0.25.0 -> v0.27.0